<link href="Style.css" rel="stylesheet" type="text/css" />
<?php
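// Admin-only employee form. On POST it calls sql_editEmployee() when
// sql_getEmployee($email) returns a truthy value and sql_createEmployee()
// otherwise, then re-renders the form with the submitted values.
//
// NOTE(review): the <link> tag above the opening PHP tag is output before
// session_start() runs. Unless output buffering is enabled the session cookie
// header can no longer be sent; the tag belongs inside the echoed <head>.
session_start();

require("sql_functions.php");

if (isset($_SESSION['user']))
{
	if (isset($_SESSION['isAdmin']) && $_SESSION['isAdmin'] == 1)
	{
		// Defaults so the form renders on a first visit without reading
		// undefined variables.
		$firstName = '';
		$lastName = '';
		$email = '';
		$pw1 = '';
		$pw2 = '';
		$emp = null;
		$isValid = false;

		// Only accept plain string fields. A parameter sent as an array
		// (formEmail[]=x) would otherwise reach strcmp() and the sql_* helpers
		// with an unexpected type.
		$submitted = isset($_POST['formFirstName'], $_POST['formLastName'], $_POST['formEmail'])
			&& is_string($_POST['formFirstName'])
			&& is_string($_POST['formLastName'])
			&& is_string($_POST['formEmail']);

		// NOTE(review): this POST changes employee records and no anti-CSRF
		// token is visible on this page; consider a per-session token that is
		// verified before any sql_* call.
		if ($submitted)
		{
			$firstName = $_POST['formFirstName'];
			$lastName = $_POST['formLastName'];
			$email = $_POST['formEmail'];

			// Optional fields fall back to '' instead of raising notices.
			$oldEmail = (isset($_POST['oldEmail']) && is_string($_POST['oldEmail'])) ? $_POST['oldEmail'] : '';
			$pw1 = (isset($_POST['formPassword1']) && is_string($_POST['formPassword1'])) ? $_POST['formPassword1'] : '';
			$pw2 = (isset($_POST['formPassword2']) && is_string($_POST['formPassword2'])) ? $_POST['formPassword2'] : '';
			$cert = (isset($_POST['formCert']) && is_string($_POST['formCert'])) ? $_POST['formCert'] : '';

			if ($pw1 !== $pw2)
			{
				echo "Passwords must match!";
			}
			else
			{
				// NOTE(review): the values below are raw request data. The
				// legacy mysql extension has no prepared statements, so
				// confirm the sql_* helpers escape every argument, and that
				// the password is hashed before it is stored.
				$temp = sql_getEmployee($email);
				if ($temp)
				{
					$emp = sql_editEmployee($firstName, $lastName, $oldEmail, $email, $pw1);
					$isValid = true;

					if ($cert !== '')
					{
						sql_addCertification($email, $cert);
					}
				}
				else
				{
					$emp = sql_createEmployee($firstName, $lastName, $email, $pw1);

					if ($emp == -1)
					{
						echo "There was an error, please check your entries";
					}
					else
					{
						echo "Employee created!";
						$isValid = true;
					}
				}
			}
		}

		// Everything written into the page is HTML-escaped, quotes included,
		// so a submitted or stored value cannot break out of an attribute or
		// inject markup.
		$firstNameHtml = htmlspecialchars($firstName, ENT_QUOTES, 'UTF-8');
		$lastNameHtml = htmlspecialchars($lastName, ENT_QUOTES, 'UTF-8');
		$emailHtml = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
		$pw1Html = htmlspecialchars($pw1, ENT_QUOTES, 'UTF-8');
		$pw2Html = htmlspecialchars($pw2, ENT_QUOTES, 'UTF-8');

		echo "<html>";
		echo "<head>";
		echo "</head>";
		echo "<body>";
		echo "<p>Employee Info";
		echo "<form action=\"\" method=\"POST\">";
		echo "<p>First Name:";
		echo "<input name=\"formFirstName\" value=\"$firstNameHtml\" />";
		echo "</p>";
		echo "<p>Last Name:";
		echo "<input name=\"formLastName\" value=\"$lastNameHtml\" />";
		echo "</p>";
		echo "<p>Email:";
		echo "<input name=\"formEmail\" value=\"$emailHtml\" />";
		echo "</p>";
		// NOTE(review): the submitted password is written back into the page
		// source. Kept because a later save re-posts these fields to
		// sql_editEmployee(); removing it needs that helper to treat an empty
		// password as "unchanged" - confirm and then stop echoing it.
		echo "<p>Password:";
		echo "<input name=\"formPassword1\" type=\"password\" value=\"$pw1Html\" />";
		echo "</p>";
		echo "<p>Confirm Password:";
		echo "<input name=\"formPassword2\" type=\"password\" value=\"$pw2Html\" />";
		echo "</p>";

		echo "<p>Certifications:";

		if (!$isValid)
		{
			echo "<p>Save to add certifications.";
		}
		else
		{
			$certs = sql_getEmployeeCertifications($email);

			// count() on the value handed to mysql_fetch_array() never
			// reports zero, so rows are counted while they are printed.
			$shown = 0;
			if ($certs)
			{
				while ($row = mysql_fetch_array($certs))
				{
					echo "<p>" . htmlspecialchars((string) $row['Certification'], ENT_QUOTES, 'UTF-8');
					$shown++;
				}
			}

			if ($shown == 0)
			{
				echo "<p>None";
			}

			echo "<p>New Certification";
			echo "<input name=\"formCert\" />";
		}

		// $emp is only an array with an 'Email' key after some helper calls;
		// otherwise the hidden field is left empty, as before.
		$oldEmail = (is_array($emp) && isset($emp['Email'])) ? (string) $emp['Email'] : '';
		$oldEmailHtml = htmlspecialchars($oldEmail, ENT_QUOTES, 'UTF-8');

		echo "<input name=\"oldEmail\" type=\"hidden\" value=\"$oldEmailHtml\" />";
		echo "<p><input type=\"submit\" name=\"save\" value=\"Save\" />";
		echo "</form>";

		echo "<a href=\"employee_management.php\">Employee Management</a>";

		echo "</body>";
		echo "</html>";
	}
	else
	{
		echo "You do not have permission to view this page";
	}
}
else
{
	echo "Must be logged in to view this page.";
}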

?>
